Trust and control: A dialectic link

The relationship between trust and control is quite relevant both for the very notion of trust and for modelling and implementing trust-control relations with autonomous systems, but it is not trivial at all. On the one side, it is true that where / when there is control there is no trust, and vice versa. However, this refers to a restricted notion of trust: i.e., "trust in y," which is just a part, a component of the global trust needed for relying on the action of another agent. It is claimed that control is antagonistic of this strict form of trust; but also that it completes and complements it for arriving to a global trust. In other words, putting control and guarantees is trust-building; it produces a sufficient trust, when trust in y's autonomous willingness and competence would not be enough. It is also argued that control requires new forms of trust: trust in the control itself or in the controller, trust in y as for being monitored and controlled; trust in possible authorities, etc. Finally, it is shown that, paradoxically, control could not be antagonistic of strict trust in y, but it can even create and increase it by making y more willing or more effective. In conclusion, depending on the circumstances, control makes y more reliable or less reliable; control can either decrease or increase trust. Two kinds of control are also analyzed, characterized by two different functions: "pushing or influencing control" aimed at preventing violations or mistakes, versus "safety, correction, or adjustment control" aimed at preventing failure or damages after a violation or a mistake. A good theory of trust cannot be complete without a theory of control.     

2类故障系统的检测策略研究

研究具有2类故障的可修系统的一个模型,假定系统工作时可能直接发生第1类故障, 也可能经过异常后发生第2类故障.系统故障时不需检测,系统工作时必须经过检测才能知道 它是正常还是异常,并且检测时间是一个随机变量.系统开始工作后,每隔一段时间对它检测 一次,直到系统故障或者检测结果是系统处于异常状态为止.利用密度演化方法,求出了系统的 可靠性指标和最优检测策略.     

Naming is the key to the future

Whether you believe it or not and whether you like it or not, all networking protocols are getting a lobotomy these days. All of them. IP is being modified to IPng or IP6 as it will eventually be called. DECnet Phase IV going to DECnet/OSI. The list goes on and on.     

Beyond requirements: software making as art

Quality is meeting requirements - or is it? The authors challenge this familiar metaphor for requirements and introduce a new one based on their experience in an industry that seems far from software development or is it?.     

What is computer security?

Computer and network security, or cybersecurity, are critical issues. But merely protecting the systems that hold data about citizens, corporations, and government agencies it is not enough. The infrastructure of networks, routers, domain name servers, and switches that glue these systems together must not fail, or computers will no longer be able to communicate accurately or reliably. Given the magnitude of securing cyberspace, a reflection on what we are trying to do seems in order. Several questions arise, such as what exactly the infrastructure is, what threats it must be secured against, and how protection can be provided on a cost-effective basis. But underlying all these questions is how to define a secure system. What is security? Having it is obviously good; everyone says so. But few people define it exactly, or even nebulously. This column tries to place cybersecurity in perspective, because it is, of course, central to countries, organizations, and even home users now and in the future.     

4状态可修系统的可靠性和检测策略研究

研究4状态检测系统的一个模型,假定系统有4种运行状态:正常、异常、隐患和故障, 其中故障状态不需检测便可发现,正常、异常和隐患均为工作状态,需经过检测才能发现.当 系统工作时,每隔一段随机时间对它检测一次,直到系统故障或检测出系统处于隐患状态为 止.利用概率分析和补充变量方法,研究了系统的可靠性指标和最优检测周期.     

一种基于RSA的群签名方案

现存的群签名方案要么不考虑群成员的废除问题,要么存在计算量与被废除成员线性相关的缺点,是低效的,要么是不安全的.考虑到RSA是应用最广泛的公钥密码体制之一,首次基于RSA设计出一种群签名方案.新方案在不改变其他有效群成员的密钥的情况下,可以安全地增加或撤消群成员;可以高效地实现成员的增加或撤消;可以适合大的群体使用;具有基于大数分解困难性的安全性.     

利用切比雪夫不等式的背景建模算法

针对运动目标检测问题中的背景建模问题,提出一种结合切比雪夫不等式和核密度估计的背景建模方法.首先利用样本均值与样本方差及切比雪夫不等式,快速计算各像素点属于前景和背景的概率,判别出前景点、背景点及可疑点.对可疑点再利用核密度估计方法,估计其属于前景与背景的概率密度来进行背景前景判别,最后通过设定阈值完成实时背景建模.实验结果证明,利用切比雪夫不等式能快速区分有明显特征的前景点与背景点,采用背景更新算法能得到理想的背景图像,降低了背景图像提取的误差,显著地提高了背景建模的速度.     

Assuring software quality assurance

The term quality assurance (or QA) has a variety of interpretations. The most common one is that it ensures that developers, testers, or independent auditors have performed some form of scrutiny on a system to validate that it will work as required. Software quality assurance is similar but applies to the code or noncode artifacts.     

Design for adaptability (DFAD)—a new concept for achieving sustainable design

This paper discusses the concepts associated with a new methodology, design for adaptation (DFAD), under development for achieving advanced sustainable designs. The DFAD methodology concept is based on the hypothesis that product life ends because a product is unable to adapt to change. A product may be retired for myriad reasons including that it is broken, out of style, or has become inefficient due to technology obsolescence. In these cases, the product was not able to adapt to change—it was unable to self-heal, it could not modify or reconfigure to meet changing fashion needs, or it could not be upgraded, for physical or economic reasons, to utilize new technology. To address these and similar issues, we are developing the DFAD methodology. DFAD is based on classical control theory and products are conceptualized and modeled as dynamic systems with feedback control strategies to respond, or adapt, effectively to changes in product performance criteria. The DFAD concept takes into account that changing performance requirements may be based on physical, cultural, environmental, and/or economic considerations, among others.     

Around and around [computer graphics]

Everybody loves making pictures with a spirograph. Spirograph produces planar curves that are known as roulettes. The simplest way to create a roulette is probably to use a circle for the wheel and a straight line for the frame. This results in a figure that has the special name cycloid. Spirograph only has a few curve types available. To make other types of curves, it might be useful to attach a rigid arm to the center of the disk. As the disk rotates, the arm spins with it. Determining whether the pen tip is inside the rolling shape, right on its edge, or outside of it, is a useful tool for distinguishing among different roulette types. The first distinction is whether the wheel is inside or outside of the frame. If it's outside, we call it an epitrochoid; otherwise it's a hypotrochoid. If the pen is right on the edge of the wheel, then it's an epicycloid or hypocycloid. If the pen is not on the edge, then the curve is an epiroulette or hyporoulette. There are two forms of each of these. If the pen is inside the wheel, then we have a cutate epiroulette or hyporoulette, otherwise it's a prolate epiroulette or hyporoulette. There are also some special cases of these curves that we have mentioned briefly.     

几个常用测试用例设计方法及应用

软件测试是使用人工或者自动手段来运行或测试某个系统的过程,其目的在于检验被测软件是否满足规定的需求或弄清预期结果与实际结果之间的差别。文章介绍了在软件测试工作中,如何有效地划分测试种类和编写对应的测试用例,使测试工作更加合理、高效率地运行。     

Presence of mind: a reaction to Thomas Sheridan's "Further musings on the psychophysics of presence."

An operator's sense of remote presence during teleoperation or use of virtual environment interfaces is analyzed as to what characteristics it should have to qualify it as an explanatory scientific construct. But the implicit goal of designing virtual environment interfaces to maximize presence is itself questioned in a second section in which examples of human-machine interfaces beneficially designed to avoid a strong sense of egocentric presence are cited. In conclusion, it is argued that the design of a teleoperation or virtual environment system should generally focus on the efficient communication of causal interaction. In this view the sense of presence, that is of actually being at the simulated or remote workplace, is an epiphenomena of secondary importance for design.     

Contract-checking wrappers for C++ classes

Two kinds of interface contract violations can occur in component-based software: A client component can fail to satisfy a requirement of a component it is using, or a component implementation can fail to fulfill its obligations to the client. The traditional approach to detecting and reporting such violations is to embed assertion checks into component source code, with compile-time control over whether they are enabled. This works well for the original component developers, but it fails to meet the needs of component clients who do not have access to source code for such components. A wrapper-based approach, in which contract checking is not hard-coded into the underlying component but is "layered" on top of it, offers several relative advantages. It is practical and effective for C++ classes. Checking code can be distributed in binary form along with the underlying component, it can be installed or removed without requiring recompilation of either the underlying component or the client code, it can be selectively enabled or disabled by the component client on a per-component basis, and it does not require the client to have access to any special tools (which might have been used by the component developer) to support wrapper installation and control. Experimental evidence indicates that wrappers in C++ impose-modest additional overhead compared to inlining assertion checks.     

What software reality is really about

Software reality is more about people working together than it is about defined processes; it's more about science than it is about computer science; it's more about understanding than it is about documentation; it's more about inquiry than it is about metrics; it's more about skill than it is about methods; it's more about becoming better than it is about being good; and it's more about being good enough than it is about being right or wrong     

基于SSE—CMM的可信度及其度量初探

可信度是SSE—CMM的一个重要组成部分,它是指安全需求得到满足的信任程度．它是安全工程中非常重要的概念。对于一个工程或是一个系统．如何判断它的安全需求是否已经满足,如何度量它的可信度,是非常复杂的。可信度就是风险度量的精确程度。风险度量的精确度越高,系统的安全可信度也就越大。通过探讨可信度与风险之间的关系,来寻求度量可信度的方法。     

Revolutionising mobile payments

The concept of using a mobile phone or device to purchase goods and services has always been one of the key ambitions for technology players within the telecom industry. Mobile proximity technology, or contactless technology as it is often referred to, is one such technology that is seen as a means to enable mobile transactions and open up ways for operators to reach consumers and generate new revenue streams. However, mobile proximity solutions remain a relatively new concept within the telecom industry itself and we are only now starting to see trials and deployments of this technology. So what is mobile proximity technology and will it be the promised nirvana it is perceived to be for operators?     

Scalable time series classification

Time series classification tries to mimic the human understanding of similarity. When it comes to long or larger time series datasets, state-of-the-art classifiers reach their limits because of unreasonably high training or testing times. One representative example is the 1-nearest-neighbor dynamic time warping classifier (1-NN DTW) that is commonly used as the benchmark to compare to. It has several shortcomings: it has a quadratic time complexity in the time series length and its accuracy degenerates in the presence of noise. To reduce the computational complexity, early abandoning techniques, cascading lower bounds, or recently, a nearest centroid classifier have been introduced. Still, classification times on datasets of a few thousand time series are in the order of hours. We present our Bag-Of-SFA-Symbols in Vector Space classifier that is accurate, fast and robust to noise. We show that it is significantly more accurate than 1-NN DTW while being multiple orders of magnitude faster. Its low computational complexity combined with its good classification accuracy makes it relevant for use cases like long or large amounts of time series or real-time analytics.     

Unbiased minimum-variance linear state estimation

A method is developed for linear estimation in the presence of unknown or highly non-Gaussian system inputs. The state update is determined so that it is unaffected by the unknown inputs. The filter may not be globally optimum in the mean square error sense. However, it performs well when the unknown inputs take extreme or unexpected values. In many geophysical and environmental applications, it is performance during these periods which counts the most. The application of the filter is illustrated in the real-time estimation of mean areal precipitation.     

Security and privacy issues in the Portable Document Format

The Portable Document Format (PDF) was developed by Adobe in the early nineties and today it is the de-facto standard for electronic document exchange. It allows reliable reproductions of published materials on any platform and it is used by many governmental and educational institutions, as well as companies and individuals. PDF documents are also credited with being more secure than other document formats such as Microsoft Compound Document File Format or Rich Text Format.This paper investigates the Portable Document Format and shows that it is not immune from some privacy related issues that affect other popular document formats. From a PDF document, it is possible to retrieve any text or object previously deleted or modified, extract user information and perform some actions that may be used to violate user privacy. There are several applications of such an issue. One of them is relevant to the scientific community and it pertains to the ability to overcome the blind review process of a paper, revealing information related to the anonymous referee (e.g., the IP address of the referee).